Compliance and Auditing Policy

The Compliance and Auditing Policy defines the approach to be taken to ensure the Company is compliant with legal, statutory, regulatory and contractual obligations related to information security and with any security requirements, standards and internal policies, guidelines and processes mandated by the Company.

The scope and statements within this policy shall also apply to all personal data processed by the Company. “Processing” in this context means any operation concerning personal data throughout the information lifecycle; this includes but is not limited to personal data collected, stored, viewed, transferred, analyzed or communicated in hard copy, oral or electronic form.

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. IDENTIFICATION AND COMPLIANCE WITH LEGAL AND REGULATORY REQUIREMENTS
3.1 COMPLIANCE WITH LEGAL, REGULATORY AND CONTRACTUAL INFORMATION SECURITY AND DATA PRIVACY REQUIREMENTS
3.2 INTELLECTUAL PROPERTY RIGHTS
3.3 PROTECTION OF RECORDS
3.4 PRIVACY AND PROTECTION OF PERSONAL DATA
3.5 PREVENTION OF MISUSE OF INFORMATION PROCESSING FACILITIES
3.6 REGULATION OF CRYPTOGRAPHIC CONTROLS
4. INFORMATION SECURITY OPERATIONAL RISK MANAGEMENT
5. INFORMATION SECURITY REVIEWS
5.1 MANAGEMENT REVIEW OF THE INFORMATION SECURITY MANAGEMENT SYSTEM
5.2 INDEPENDENT REVIEW OF INFORMATION SECURITY
5.3 COMPLIANCE WITH SECURITY POLICIES AND STANDARDS
5.4 TECHNICAL COMPLIANCE REVIEW
6. INFORMATION SYSTEMS AUDIT CONSIDERATIONS
6.1 INFORMATION SYSTEMS AUDIT CONTROLS
6.2 PROTECTION OF INFORMATION SYSTEMS AUDIT TOOLS
7. EXCEPTIONS
8. FINAL CONSIDERATIONS
8.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
8.2 DOCUMENT REVISION

Pages: 12

